CA in a card

ABSTRACT

A secure method for generating digital documents that are certified by a known authority, comprising the steps of: A. Programming an electronic device with a document issuing method that originates with the known authority; B. programming the electronic device with data identifying the owner of the device; C. reading a digital document into the device; D. physical identification of the owner of the device, based on the identifying data as programmed in step (B); E. if the result of the identification process in step (D) is positive, then issuing of a digital document signed by the known authority. A device for generating digital documents that are certified by a known authority, comprising a computer for implementing a program written in the memory, and wherein the memory includes a document issuing method that originates with the known authority; input means for reading information related to physical user identification; and output means.

STATEMENT AS TO RIGHTS TO INVENTIONS MADE UNDER FEDERALLY SPONSORED R&D

[0001] There was no Federal sponsoring for the present invention, therefore there are no rights deriving therefrom.

FIELD OF THE INVENTION

[0002] The invention concerns systems for generation of digital documents and, in particular, such systems that allow a user to generate permits or certificates for himself, based on prior documents and that user's identification.

BACKGROUND OF THE INVENTION

[0003] Heretofore, various systems and methods were used to generate digital documents like permits or certificates.

[0004] In prior art, a center or service provider checks a user and issues a certificate to acknowledge that he is indeed who he claims to be. Moreover, a certificate may include additional information related to that person.

[0005] To issue a certificate, the center has to identify that person. The authentication of the user may be cumbersome at least.

[0006] This is a time-consuming process that is also costly—a waste of time and money.

[0007] Another authority may issue permits. These are digital documents that indicate a specific person is allowed to do specific actions. An entry pass to a factory is an example of a permit.

[0008] Again, the permit is issued personally to the legitimate holder. This may be a time-consuming process, that takes an effort on both sides—the issuer and the recipient of that permit.

[0009] It is an objective of the present invention to facilitate the generation of digital documents like permits or certificates.

SUMMARY OF THE INVENTION

[0010] It is an object of the present invention to provide a system and method for generating digital documents.

[0011] These documents may include, for example, permits or certificates.

[0012] The system allows a user to generate permits or certificates for himself, based on prior documents and that user's identification.

[0013] This object is achieved by a device that a customer can buy and use to generate digital documents for that customer. To that purpose, the device includes means for automatic generation of digital documents.

[0014] Throughout the present disclosure, the device will be called “Certifying Authority (CA) in a card”.

[0015] Furthermore, in accordance with the invention, the object is basically accomplished by the CA in a card according to a routine and with parameters that were defined by a permit issuing authority.

[0016] The CA in a card is an autonomous device that implements a secure procedure to issue digital documents like permits or certificates.

[0017] The issuance of permits or certificates is based on two factors:

[0018] It uses prior identification of the user, as recorded in a prior issued digital document; and it physically identifies the user to ensure that the person asking for the certificate is the one to whom the prior document refers.

[0019] A card initialization method for the CA in a card is disclosed. This initialization is performed when the smart card is bought by a user.

[0020] The initialization may comprise either a full authentication method or a partial authentication method.

[0021] Another aspect of the invention is the structure of a smart card to implement the functions of a CA in a card.

[0022] Further objects, advantages and other features of the present invention will become obvious to those skilled in the art upon reading the disclosure set forth hereinafter.

BRIEF DESCRIPTION OF THE DRAWINGS

[0023] The invention will now be described by way of example and with reference to the accompanying drawings in which:

[0024] FIG. 1 illustrates the certificate generation method in a CA in a card system.

[0025] FIG. 2 details a CA in a card system.

[0026] FIG. 3 details the structure of a smart card for performing CA.

[0027] FIG. 4 details a method for issuing a certificate or permit.

[0028] FIG. 5 details a method for implementing a Certifying Authority (CA) in a card.

[0029] FIG. 6 details a CA in Card activation method.

[0030] FIG. 7 details a method of use of CA in commerce.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0031] A preferred embodiment of the present invention will now be described by way of example and with reference to the accompanying drawings.

[0032] Referring to FIG. 1, it illustrates a method for the generation of certificates in a CA in a card system 3.

[0033] Inputs used in the CA in a card 3 include signals from a user physical identification means 1 and a user's digital document 2.

[0034] Based on the above inputs, system 3 generates a permit 4 and/or a certificate 5 as desired by the user.

[0035] The structure illustrates the certificate generation method in the CA in a card system 3.

[0036] Thus, the “CA in a card” novel concept refers to an autonomous device 3 that implements a secure procedure to issue digital documents like the permits 4 or certificates 5.

[0037] The CA device 3 is sold to customers. Thus, each customer may activate his/her CA device to generate digital documents at will. A limitation is that documents may only be generated according to CA policy.

[0038] The CA device 3 only operates according to an internal program that was written into the device by a recognized authority.

[0039] The CA device becomes, in effect, the agent or representative of that authority.

[0040] The CA device will implement the precise policy for issuing certificates set up by that authority.

[0041] The structure of the CA device 3 prevents tampering with the program therein, as the program is written in fixed memory means that cannot be altered. Even the user who owns the CA device is prevented from interfering with the actual operation of the device.

[0042] Therefore, the CA device will only issue a certificate or permit according to the rules set up by the authority that programmed that device.

[0043] If the terms for issuing the digital document are not met, then the CA device may refuse to issue that document altogether.

[0044] The CA device includes means to prove that the issuance of a certificate or permit was authorized by a known authority. These means may include, for example, a permit issued by that authority to the CA device.

[0045] Each CA device 3 is uniquely identified with a unique ID number. That number is included in the permit issued by the known authority to the device, and may also be included in digital documents generated by the device.

[0046] Alternately, a secondary number and/or an alphanumeric string may be generated responsive to the ID number and may subsequently be used in lieu of the ID number itself.

[0047] A certificate or permit, in order to be recognized by others, has to include an encryption or signature with the private key of a known authority.

[0048] That information is contained in the CA device in a secure memory, that is, a memory that cannot be read nor altered by anyone. Only the device itself can update data therein, or it may destroy itself if necessary.

[0049] A distributed system can thus be implemented, wherein each user can create certificates for himself/herself, certificates that are authorized by a known authority.

[0050] A method of operation of CA in a card to issue digital documents like permits or certificates is based on two factors:

[0051] 1. use of prior identification of the user, as recorded in a prior issued digital document;

[0052] 2. physical identification of the user, to ensure that the person asking for the certificate is the one to whom the prior document refers.

[0053] A smart card may contain a digital identification card. It may include information relating to the user, his/her photograph and additional personal information like a fingerprint or their signature.

[0054] It is also possible to use a secret password, that is known only to that person. A personal identification number PIN is an example of a password. In yet another embodiment, a combination of both a personal property and some personal information is used to identify that person.

[0055] The information in the smart card/certificate therein may be compared with the characteristics of the real person, to issue an authentication confirmation.

[0056] Thus, any person may prepare a certificate that is protected from tampering and is authorized by a known authority.

[0057] Any person may issue an authorization for himself/herself with no possibility of cheating the system.

[0058] The process is based on:

[0059] A) A certificate held by that person, which certificate is already signed by a known authority;

[0060] B) Personal identification of the certificate holder based on something personal to him/her: something he knows or a personal property/characteristic;

[0061] C) A protected procedure, set up by a known authority, to issue certificates based on A and B.

[0062] Thus, any person may issue certificates or various digital documents for himself/herself, based on a digital document in their possession.

[0063] At present, there are various organizations that will issue a digital document to a person, after they have identified that person.

[0064] The novel approach—any person who holds a digital document and has a smart card with a CA capability can issue certificates or other digital documents for himself/herself.

[0065] For example:

[0066] A person holds a Visa credit card, that is a digital document issued by an organization that is a member of the Visa group.

[0067] Visa has a known CA, so that it is accepted that the credit card holder has already been identified by that organization.

[0068] That person desires a permit that includes his name, the details of the credit card and additional information like the bank details.

[0069] To prove his identity, the card holder presents the credit card to a CA. A possible problem is that the credit card is stolen. There is the danger that a permit may be issued to the wrong person.

[0070] To solve this problem, the CA will require a means of personal identification, in addition to the presentation of the credit card. That personal identification means may include a personal identification number PIN.

[0071] The PIN may protect the information in the credit card. For example, a four digit PIN may be used. The PIN may represent the information in the credit card, encrypted or using a special-purpose hash.

[0072] The special-purpose hash may use a secret formula to compute the PIN.

[0073] The PIN is presented by the user and serves both to identify the user and to attest as to the integrity of the information in the credit card.

[0074] CA Method:

[0075] a. There is a CA backed by a known authority like Visa.

[0076] b. A smart card contains a “CA on a card”, that is a capability to perform the functions of CA as defined by the original CA.

[0077] c. The new smart card, that is sold to a customer, contains:

[0078] a pair of encryption keys, comprising a private and a public key;

[0079] an identification number (ID) that is unique to that smart card;

[0080] a digital certificate that links the above two values, that is the ID and the encryption key, issued by the known manufacturer of smart cards.

[0081] Initially, the smart card may contain only the ID, without the encryption keys. The encryption keys may be added later.

[0082] A permit or authorization from a known authority, that the smart card is authorized to issue permits in the name of that authority.

[0083] For example, Visa may issue a permit to the card that the card is authorized to issue permits/certificates in its name.

[0084] This method, in fact, transforms the smart card into a subcontractor of that known authority, for the purpose of issuing permits/certificates.

[0085] Thus, the smart card now can issue permits/certificates in the name of the original CA authority (Visa for example), to people desiring these documents from that known authority.

[0086] The unique ID in the smart card allows for traceability of the permit to its source, that is, to track the permit to its source.

[0087] A permit may include a message to the effect that, for example, “The person whose ID is 9094455 is allowed to enter the Casino in Tel Aviv”.

[0088] This permit by itself cannot be used by a person to be admitted there. For that purpose, the user has to also present a certificate (another digital document) indicating that he/she indeed has that ID as mentioned in the permit.

[0089] The above method may be used to generate a plurality of permits for the owner of the CA in a card. To this purpose, the CA in a card reads a plurality of credit cards, telephone cards, cash cards and/or other types of cards, all belonging to the owner of the CA in a card. The owner is identified, to prevent unauthorized generation of permits by another person.

[0090] The device issues a digital document (a permit) for each card. Each such permit is backed by the authority of the certifying authority CA that established the method implemented in the smart card.

[0091] The permits thus generated may be used to replace the original credit cards, telephone cards etc. that formed the basis for the generation of the permits.

[0092] This is acceptable since the user proved that he/she is the legitimate owner of those cards and the permits were prepared in a reliable, secure method that is backed by the certifying authority.

[0093] The digital documents (for example permits) may be stored in the same smart card device that generated those documents. It may be more convenient for a user to carry just a smart card storing many permits than to carry many plastic cards.

[0094] Thus, the permits are stored in the smart card without danger of damage to them. Plastic cards may be damaged by heat, magnets or other factors.

[0095] A user may have difficulty in holding many plastic cards. These may take a large volume and may be difficult to store. A smart card, using modern digital storage means, may hold many permits (cards) in a very small volume.

[0096] Plastic cards may be read by anyone. The magnetic stripe is always readable to all. The permits in the smart card, however, may be either presentable to all, or their presentation may be conditional, as the user may desire. The activation of the permits may be conditional, to ensure that only the legitimate owner may use them. To this purpose, a PIN may be used or a challenge, for example.

[0097] In yet another application of the present invention, another person may send a digital document to the smart card owner. For example, a document may include an entry pass to a private parking lot for a specific day and time. The document may be sent by a third party, for example, over the Internet like an E-mail.

[0098] Otherwise, a document may be sent over a wireless link like a cellular telephone.

[0099] Although the document may be sent over an open line, only the legitimate addressee may use the permit. This is achieved with the document containing a designation of the addressee, together with the requirement that the addressee identify himself/herself.

[0100] When a user receives such a digital document, he/she enters it into the smart card for storage therein. The document is ready to use as required. Using this novel approach, a plurality of documents, received from many sources, may be stored in the smart card.

[0101] Examples of such documents: entry passes, payments, credit line establishment for a specific user at a certain facility or store.

[0102] Therefore, the novel smart card can implement various functions:

[0103] a. A CA in a card, to generate permits or other digital documents for the holder of the device. The user may generate digital documents like permits or certificates from other documents.

[0104] b. A holder of digital documents issued by the card owner. A plurality of digital documents like permits and/or certificates may be securely stored in the device. The authenticity of the documents is attested to by the CA in a card. Any document may be presented and/or transmitted, as desired by the owner of the device.

[0105] c. A holder of digital documents received from a third party. Various digital documents, received from third parties, may be stored in the smart card. Any document may be presented and/or transmitted, as desired by the owner of the device.

[0106] These and other functions may be implemented in the smart card disclosed in the present invention.

[0107] A user may decide whether his/her smart card will be used as a CA in a card, as a holder of digital documents and/or for other functions.

[0108] A physical implementation of the smart card may include a wristwatch. The electronic circuitry of the wristwatch may implement both the functions of a watch and a smart card.

[0109] Such a device is easy to use and may be implemented at a low cost.

[0110] Alternately, the smart card may be implemented in various smart devices that include digital storage means and computing means.

[0111] In yet another implementation, the smart card may be implemented in a smart device.

[0112] The structure of the smart card is further detailed with reference to FIGS. 2 and 3 below.

[0113] FIG. 2 details a CA in a card system. The CA in a card 3 is preferably implemented as a smart card device. To activate the device, it should be connected to external data sources.

[0114] For example, the smart card 3 may be directly connected to an interface to credit card 21 for reading a user's digital document in a credit card (not shown).

[0115] The device 3 may also be connected to a personal computer PC 62 through a PC interface 61. The PC 62 may also be connected to an Internet link 63.

[0116] Various input means may be connected to device 3 through computer 62, for example an interface to credit card 22 for reading a user's digital document in a credit card (not shown) through the PC 62. In this embodiment, the smart card 3 does not need a special-purpose interface, so it is easier and cheaper to implement.

[0117] Other devices may also be connected to the device 3 through the PC 62, for example a video camera 11, a fingerprint reader 12 and/or a digitizer 13. The above means are means for implementing the user physical identification means 1 illustrated in FIG. 1.

[0118] Various types of prior identification documents 2 may be used. Thus, the basis for the new certificate 5 may be another certificate 2 held by the user, that draws on a known authority.

[0119] This is a novel approach—the majority of people are already identified and are holding documents attesting to their identity. These may include an identity card, driver's license, a professional organization card, a student card, a credit card, an attorney card. Each one of these documents attests as to the identity of their holder/owner.

[0120] Each one of these documents may be used as a basis for the user's identification, to issue a new certificate based on it.

[0121] Therefore, a new certificate may be issued without the need to again check the identity of the user.

[0122] The present invention thus teaches that a user may certify himself/herself based on those prior identification documents.

[0123] Various methods for physical identification of the user are detailed in FIG. 2, including for example means 11, 12 and/or 13.

[0124] The PC 62 may be connected to the Internet 63. If connected, it may function as a supervisor to ensure only legitimate access. The user manually enters identification information, and presents a smart card with a certificate for access to the Internet. If the information matches, then access to the Internet is granted. It also provides user authentication, to allow secure operations on the Internet, like buying merchandise on the net, accessing information services etc.

[0125] CA in Card activation method

[0126] a. A user having some type of a digital permit buys a smart card in a store. The smart card is a platform for CA use, however it is not yet personalized for that user.

[0127] b. To activate/personalize the smart card, it is connected to a Smart Card Activation Device (SCAD). The SCAD may comprise, for example, a personal computer with means for connecting to smart cards and to other devices as required.

[0128] c. A digital document pertaining to that user is also entered into the SCAD. For example, the user may present a plastic credit card, wherein personal information for that user is recorded on a magnetic stripe in the card.

[0129] d. The SCAD binds together the information in the smart card and the personal document for the user in the plastic card, and generates a document that is transferred to the smart card.

[0130] This process “engraves” the personal information for that user into the smart card. Now the smart card is personalized to that user.

[0131] Thus, a customer may hold documents attesting to their identity. These may include an identity card, driver's license, a professional organization card, a student card, a credit card, an attorney card.

[0132] If the smart card is subsequently stolen, a thief cannot use it since the secret information therein (the personal information pertaining to the legitimate owner of the card) is not known to the thief.

[0133] To use the smart card as a CA, it will require a personal identification that only the legitimate owner of the card can provide, like a PIN. In one embodiment, the user may define or enter a personal password, that is only known to that user. The user may be allowed to choose any password at will.

[0134] The password is kept inside the smart card and may be used for subsequent authentication of that user.

[0135] In another embodiment, the PIN is derived from the information in the smart card, using a secret procedure. The procedure may be stored and executed in the smart card, in means that do not allow access to it from the outside. Thus, an intruder will not know how to compute the PIN from the information in the smart card. The smart card may display the PIN just once, to the legitimate user. Otherwise, the PIN may be displayed to a user during the smart card initialization procedure, that uses a Smart Card Activation Device SCAD as detailed above. When the smart card is initialized with the user's information, the PIN is computed in the SCAD and is displayed to the user.

[0136] The SCAD may comprise, for example, a personal computer or an Automatic Teller Machine ATM.

[0137] Furthermore, the PIN may comprise the result of computations performed on user's identification data that is stored in the smart card. Thus, for example, the PIN is a hash or CRC performed on the user's photograph, signature and/or fingerprint.

[0138] Thus, the PIN binds the smart card to that specific user.

[0139] Throughout the present disclosure, user identification data refers to information related to the user like the user's photograph, signature, voice signature, fingerprint and/or a combination thereof, each in a digital form suitable for automatic computer processing.

[0140] To achieve still better protection from tampering with the smart card, the device further includes PIN activation supervision means. These means allow only a limited number of attempts at presenting a PIN number. Thus, if a thief tries to find the PIN by a trial and error method, he will not be successful, since the supervision means will only accept a limited number of trials. After a predefined number of trials at entering the PIN number, the smart card will ignore further attempts. In another embodiment of the supervision means, the smart card will perform a self-destroy routine.

[0141] Thus, an unauthorized person will not be able to activate the smart card by an exhaustive procedure of trying all the possible values of a PIN.

[0142] The above detailed system and method allow identification of the owner of a smart card, using a PIN and/or physical characteristics of that user. User challenge procedures may be implemented.

[0143] The personal computer PC may include means for reading those physical characteristics. For example, the computer may include a video camera to input a user's image, to be compared to the photograph stored in the smart card.

[0144] The computer may include interface means to read the fingerprint pattern into the computer.

[0145] The computer may include voice input means, like a SoundBlaster or other Analog to Digital Converter ADC means.

[0146] The computer may include digitizer means to enter the user's signature in real time, to be compared with a digitized signature in the smart card.

[0147] An important result of the above methods and systems is the reliable identification of a person. The identification is automatically performed by a personal computer with a smart card, in a protected environment that is protected from tampering.

[0148] This user identification may subsequently be used for various transactions, for example transactions over the Internet. Reliable user identification allows various activities to be performed over the Internet, while preventing access by unauthorized persons.

[0149] Moreover, the whole identification process is local at the user's premises. All the identification information is kept local in the smart card and the local personal computer. None of the user's confidential information is sent over the Internet.

[0150] Thus, an important benefit of the present invention is that it allows reliable user identification for remote access or activities, while none of the user's confidential information is sent to a remote location.

[0151] This helps prevent an impostor from attacking the system, since that impostor will not have access to the information that is required for his attack. A possible impostor needs the information relating to the legitimate user, in order to present it to resource providers over the Internet for example.

[0152] In prior art systems that send the information relating to the user over the Internet, that information may be intercepted by an intruder and used for his attack. Thus, although such a method may be convenient to the user, it is not secure.

[0153] In other prior art systems, the user has to actually come to the offices of an organization that provides digital certificates, in order to be identified and issued a certificate. This is a secure method, however it is not convenient to the user. As a user may desire multiple certificates or permits at different times, this method may prove cumbersome and impractical.

[0154] In the present invention, however, a secure means to identify the user is provided. User authentication is achieved with a reliable yet easy to use procedure.

[0155] The user identification is traceable to known, accepted authorities—the authority that issued the smart card, and the authority that issued a former digital certificate or permit to that user. These are known, widely recognized and accepted entities, so that the identification means (the certificate thus issued) will be accepted at the remote location, for example the Internet.

[0156] Examples of Accepted Authorities:

[0157] a. For the smart card: a credit card issuer, like Visa or MasterCard or American Express. The credit card issuers are well known and anyone can check the validity of a specific smart card. The unique identification number in each smart card may be used to that purpose.

[0158] b. For the personal certificate/digital document:

[0159] an identity card issued by a Government;

[0160] a driver's license issued by a Government Agency;

[0161] a professional organization card, like an attorney's card, issued by a known organization like the national attorney's organization;

[0162] a student card, issued by a recognized university;

[0163] a credit card, issued by a credit card issuing firm.

[0164] It is accepted that any of the above documents is issued by a recognized authority, after identifying the owner of that document.

[0165] That user's authentication may be used for various purposes, for example to gain access to remote information databases or to buy over the Internet. There is no need to present a credit card number, as the user is known and acceptable to the remote provider of goods or services. That is, the user authentication according to the present invention may be used to replace the presentation of the credit card number.

[0166] The presentation of a credit card number over the Internet, as required in prior art transactions, is dangerous since the information may be intercepted en route and misused by unauthorized people.

[0167] The certificate in the present invention, however, may be safely used over the Internet for various transactions as desired.

[0168] To prevent repeat use of a certificate, the user may insert a time stamp into the certificate/permit thus issued. The digital document can be used only at that specific time and date. If presented at a later time by an impostor, this will be quickly detected.

[0169] Method of Use of CA in Commerce

[0170] System reads credit card—for example a magnetic card readerconnected to a personal computer, reads the information recorded on themagnetic tape in the plastic card

[0171] user enters PIN or other method of personal identification

[0172] the smart card reads all the information and issues acertificate. The credit card details may be encrypted with the publickey of the recipient, that is the other side, or the service supplierwho is the other party to the transaction.

[0173] Detailed Method

[0174] the smart card holds a unique ID of the CA and the user'spassword The smart card operates according to a fixed program that wasset according to rules governing CA, a program that is fixed and cannotbe changed by the user.

[0175] the user asks that the CA give him/her a certificate to attest tothe user's ID. For example, that the user whose name is John Doe has theID of 31415.

[0176] The user identifies himself with the PIN, to prove that he is thelegitimate owner of the smart card.

[0177] The user presents the ID and a public key, and a challenge isperformed. The smart card checks that the user holds the private keycorresponding to that public key. This may be performed with the userperforming an encryption with the private (secret) key.

[0178] Now the CA in the smart card knows that the user is indeed theperson he claims to be, and that he possesses the encryption key pair asclaimed. Of this key pair, only the public key was presented to the CA.

[0179] Based on the above, the CA in the smart card issues a certificateattesting to the above information. The preparation of the certificateis performed according to rules fixedly programmed into the CA in thesmart card. That is, a certificate is only issued if the informationgiven by the user and the details of the certificate comply with therules for issuing certificates that are written in the CA and thatgovern its operation.

[0180] The CA attaches to the above certificate a permit issued to theCA, to the effect that the CA in this smart card is authorized to issuecertificates of the type just issued. The permit, issued by the knownand publicly recognized authority that prepared the CA in the smartcard, indicates that the CA is authorized to issue certificates.

[0181] Notes:

[0182] The inclusion of the public key is optional; a certificate mayomit it, as the case may be.

[0183] The CA in smart card, as purchased by the user, contains all the means and programs that are required to perform the above procedure. This is the product sold to the user.

[0184] Method of Use on the Internet

[0185] a. The user presents a certificate from a credit card issuer (for example a credit card from Visa)

[0186] b. The user presents his ID with the certificate of the CA on smart card

[0187] c. A challenge is performed versus the user's public key, to prove the identity of the user. This identification is based on the digital document that was presented to the CA, like the credit card attesting to the identification of the user by the credit card issuer, or of a bank for example.

[0188] d. The CA on card now issues a certificate, that is a digital document referring to the user of the smart card.

[0189] e. The user may use the certificate to identify himself/herself for transactions over the Internet.
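The issuance flow of the Detailed Method above ([0174]-[0180]) and the verification flow of steps a. to e. of the Method of Use on the Internet, worked through as an added example. This is illustrative code written for this page, not code from the patent or from any product it describes. It assumes Ed25519 signatures for the challenge, the permit and the certificate, a JSON encoding of the to-be-signed fields, and the names Permit, Certificate, CardCA, Setup, Issue, VerifyChain and Challenge, all of which are the example's own choices; the card is driven with the patent's sample values (John Doe, ID 31415).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"encoding/json"
	"errors"
	"fmt"
)

// Permit: the known authority's signed statement that the card CA holding CardPub may issue CertType ([0180]).
type Permit struct {
	CardID   string `json:"card_id"` // unique card ID, for traceability ([0304])
	CardPub  []byte `json:"card_pub"`
	CertType string `json:"cert_type"`
	Sig      []byte `json:"sig"`
}

// Certificate: issued by the card CA; its Permit travels with it, so a verifier needs only the authority's key.
type Certificate struct {
	CertType string `json:"cert_type"`
	UserID   string `json:"user_id"`
	Name     string `json:"name"`
	UserPub  []byte `json:"user_pub"`
	Permit   Permit `json:"permit"`
	Sig      []byte `json:"sig"`
}

func tbs(v interface{}) []byte { b, _ := json.Marshal(v); return b } // to-be-signed bytes; callers clear Sig first

// Challenge proves possession of the private key behind pub (the text's "encryption with the private
// key"): the verifier draws a fresh nonce, the holder signs it. A fresh nonce per run defeats replay.
func Challenge(pub ed25519.PublicKey, sign func([]byte) []byte) bool {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return ed25519.Verify(pub, nonce, sign(nonce))
}

type CardCA struct {
	priv   ed25519.PrivateKey // never leaves the card ([0247])
	Permit Permit             // issued to this card by the known authority
	pin    string             // the owner's PIN ([0174])
}

// Setup plays the known authority at manufacture ([0230]-[0234]): the card makes its own key pair, the authority signs its permit.
func Setup(cardID, pin string) (ed25519.PublicKey, *CardCA) {
	authPub, authPriv, _ := ed25519.GenerateKey(rand.Reader)
	cardPub, cardPriv, _ := ed25519.GenerateKey(rand.Reader)
	p := Permit{CardID: cardID, CardPub: cardPub, CertType: "identity"}
	p.Sig = ed25519.Sign(authPriv, tbs(p))
	return authPub, &CardCA{priv: cardPriv, Permit: p, pin: pin}
}

// Issue runs [0176]-[0180]: PIN check, proof of possession, rule check against the permit, sign, attach permit.
func (c *CardCA) Issue(pin, certType, userID, name string, userPub ed25519.PublicKey, sign func([]byte) []byte) (Certificate, error) {
	if subtle.ConstantTimeCompare([]byte(pin), []byte(c.pin)) != 1 {
		return Certificate{}, errors.New("PIN rejected: not the legitimate card owner")
	}
	if !Challenge(userPub, sign) {
		return Certificate{}, errors.New("challenge failed: user does not hold the private key")
	}
	if certType != c.Permit.CertType { // the fixed rules: only what the permit allows
		return Certificate{}, errors.New("card is not permitted to issue this certificate type")
	}
	cert := Certificate{CertType: certType, UserID: userID, Name: name, UserPub: userPub, Permit: c.Permit}
	cert.Sig = ed25519.Sign(c.priv, tbs(cert))
	return cert, nil
}

// VerifyChain is the relying party's check, holding only authPub: permit, permitted type, then the card's signature.
func VerifyChain(authPub ed25519.PublicKey, cert Certificate) error {
	p, psig := cert.Permit, cert.Permit.Sig
	p.Sig = nil
	switch {
	case len(p.CardPub) != ed25519.PublicKeySize:
		return errors.New("malformed card public key in permit")
	case !ed25519.Verify(authPub, tbs(p), psig):
		return errors.New("permit is not signed by the known authority")
	case p.CertType != cert.CertType:
		return errors.New("card CA is not permitted to issue this certificate type")
	}
	csig := cert.Sig
	cert.Sig = nil // cert is a copy; the caller's value is untouched
	if !ed25519.Verify(ed25519.PublicKey(p.CardPub), tbs(cert), csig) {
		return errors.New("certificate is not signed by the permitted card CA")
	}
	return nil
}

func main() {
	authPub, card := Setup("card-0001", "1234")
	userPub, userPriv, _ := ed25519.GenerateKey(rand.Reader)
	sign := func(m []byte) []byte { return ed25519.Sign(userPriv, m) }
	cert, err := card.Issue("1234", "identity", "31415", "John Doe", userPub, sign)
	fmt.Println("issued:", err == nil, "chain:", VerifyChain(authPub, cert), "holder:", Challenge(ed25519.PublicKey(cert.UserPub), sign))
	cert.Name = "Jane Roe" // any change after issuance breaks the card CA's signature
	fmt.Println("tampered:", VerifyChain(authPub, cert))
}
```

The example makes three points the text leaves implicit: the relying party never needs the card's key in advance, only the known authority's public key, because the permit names the card key and the permitted certificate type; the card checks the requested type against its permit before signing, which is the "fixed rules" of [0179]; and a change to any field after issuance, or a permit signed by some other authority, fails verification. The same Challenge routine serves the card at issuance and the remote party at step c.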

[0190] An important goal of the CA in card and the above procedure is to allow the user to identify himself/herself to a remote party for various transactions with that party.

[0191] If the user is reliably identified to the second party, this is the basis to permit transactions with that second party. That other party then has a basis to rely on receiving payment for services performed or goods ordered. Likewise, the other party is assured that the user is authorized to ask for information or services or goods over the Internet.

[0192] As a minimum, the certificate issued by the CA on card may be used to attest that the user is a reliable person (he has a credit card or a driver's license), or that he is indeed the John Doe he claims to be.

[0193] In another application of the novel CA on card, a certificate may be used to attest that this user has a specific E-mail address, or that this user, that was identified by the CA on card, is the legitimate owner of a specific E-mail address or Internet name.

[0194] This attestation may be used to receive E-mail of a personal or confidential nature, where it is important to ensure that the message is received by the person it was addressed to.

[0195] Likewise, the technology may be used to transmit E-mail of a personal or confidential nature, where it is important to ensure that the message originated with the person who claims to have sent it.

[0196] In another embodiment, the smart card generates a random number, encrypts it with the public key of the other party and signs the message with the private key of the CA. The other party decrypts the message with its own private key and returns the random number, or a value derived from it, to prove its identity, that is, to prove that it holds the private key matching the public key that was used.

[0197] If a party to a communication session has control over a specific E-mail address, he can prove it by returning a message whose contents are responsive to a message received at that E-mail address.

[0198] A basic function of CA in a card is to identify a person. A reliable identification is performed and a reliable digital document (certificate) is issued to prove it. The certificate attests that the holder of that certificate is indeed the person he/she claims to be.

[0199] At present, it is difficult for one party to verify the identity of another party. The other person may be at a remote location, with the parties communicating over the Internet or using other means of communication. The novel technology disclosed in the present invention allows the other party to a transaction to be reliably identified.

[0200] An enhanced certificate may include additional information like the details of a credit card to be used for an Internet transaction. Since a certificate is otherwise presented openly, such details should be encrypted with the public key of the intended recipient, as described in [0172], so that only that party can read them.

[0201] In a further advanced application, the certificate may include a wide range of information about the user/card holder, like a photograph, fingerprints, personal signature and/or other personal information.

[0202] The photograph or fingerprints, for example, may be detailed in a digital file like a bit map or a picture vector representation or another method.

[0203] The certificate may implement a digital identity card, passport or other personal document.

[0204] A certificate or permit may be kept in a computer or another means for file storage. This document does not contain sensitive information (the private key is never part of it) and can therefore be stored in any place or presented to anyone. To use that digital document, however, one has to possess the corresponding private key and/or the corresponding PIN.

[0205] A user may have many certificates, for example one for each different Internet address held by that user. A user may have several credit cards or several nicknames. The user may present one of his/her certificates, as dictated by circumstances or the specific transaction to be performed. This allows a user to consolidate their permits and/or certificates.

[0206] There may be permits that require user identification, whereas other permits may not need it. Accordingly, a user may present a certificate or their identification card, for example.

[0207] A permit may be sent en clair over a public network. To use the permit, however, a user may have to prove his identity. This method allows for sending permits openly, while ensuring that only the legitimate recipient can use that permit.

[0208] Methods of Operation of the CA in a Card

[0209] A method is suggested to establish a “CA on a card”, which means a user can purchase a smart card and create his own authentication, where the CA that establishes the authentication is, in effect, on the card.

[0210] The CA on the card is able to verify the user's authentication through existing digital authentication that most users already hold, for example their credit card and PIN number.

[0211] Once a user slides in his/her credit card and punches in his PIN number, it can be said to a good degree of confidence that he is authenticated. This is the confidence level corresponding to the fact that the credit company authenticated the user, and it is trusted enough to supply goods or money.

[0212] Some or all of the details on the credit card can be transferred to the digital form of a Certificate or a Permit.

[0213] Method 1: Full Authentication

[0214] This authentication is possible when the information stored on the media is protected by some kind of PIN, or other information (such as a fingerprint), that the apparatus can check.

[0215] For example, if on a credit card the name is encrypted with the PIN, in a way that, if the name was maliciously changed, the PIN check would not turn out OK.

[0217] Example that does not allow off-line full authentication, but applies to authentication on-demand:

[0218] Name, picture, fingerprint, signed by a trusted third party, stored on a credit card. (Unless the apparatus can check the fingerprint or picture, in which case it can be off-line full authentication.)

[0219] The method will be illustrated by way of example for a credit card.

[0220] We would like to create an authentication permit from a trusted authenticating party, for the user who wants to be authenticated.

[0221] For example a Certificate Authority, that we shall refer to as CA, may be used to generate that permit. The CA shall empower the CA on the card to perform the verifications necessary and to create the permit.

[0222] The resulting permit can be stored on the same smart card, so it would be mobile and safe.

[0223] The method is built on the following components:

[0224] 1. smart-card (with software)

[0225] 2. smart-card credit-card connecting apparatus.

[0226] 3. smart-card PC connecting apparatus.

[0227] 4. PC with software.

[0228] a. Purchase Stage:

[0229] The smart card can be sold in any store, with or without software for the PC; the software can come from any other source, including the Internet.

[0230] Each smart card contains software, and a special permit from the CA allowing it to authenticate a user on the CA's behalf.

[0231] Also included on the smart card are a public key/private key pair for the smart card, its own ID, and a digital certificate.

[0232] All the above define the components of the CA on the card.

[0233] So the smart card can come from the factory with its own unique digital ID, and with a copy of the CA's public key.

[0234] It may come with its own private/public key pair, and a certificate that binds its identification (ID) and public key.

[0235] Another option is that it will not come ready with keys, but with a special password, and will create its keys later when it is connected to the PC, and get its certificate on-line, by a communication line supplied by the PC (Internet for example).

[0236] When the CA on the card creates a permit of authentication, the ID that receives the permit can already be present on the smart card.

[0237] If the receiver ID is on the smart card, it can come with its public/private key pair or without it. In the latter case, the keys are created later.

[0238] b. The Binding Stage:

[0239] The smart card is connected to the smart-card credit-card connecting apparatus. When the credit card is inserted, its details are copied into the smart card, and can never be changed again.

[0240] (This is required so that this apparatus would not be used to crack credit cards.)

[0241] c. The Activation Stage:

[0242] At this stage we assume that the software was safely installed on the computer.

[0243] The user connects the smart card to the computer using the smart-card PC connecting apparatus.

[0244] (If the smart card was without CA on card private/public keys, it creates them and gets a certificate that binds them with its ID. The special password (which is sent encrypted) ensures that there will be no other apparatus with the same ID.)

[0245] The user can now choose whether he would like to use the receiver keys and/or ID that are on the smart card, or would like to create his own.

[0246] He can also transfer ID/keys from another device, through the PC.

[0247] The private key that the smart card created for the CA never leaves the card.

[0248] It is recommended that the user creates his own set of private/public keys with his own ID, which can be later stored on the smart card.

[0249] The user can create his own keys, and transfer to the smart card only his ID and public key (and the certificate that binds them).

[0250] In that case, the smart card challenges the computer to make sure it holds the private key matching that public key (or the computer transfers the key pair to the smart card).

[0251] The user would now be asked to punch in his credit card PIN number.

[0252] The smart card, through special software installed in it, will check that this PIN number is correct. (If it is not correct, the user will be prompted again a limited number of times, after which the smart card locks itself forever. This is done so it won't be used to crack credit cards.)

[0253] After the user has entered the correct PIN number, the smart card KNOWS that this user is really the one named on the card, as he passed authentication. It also knows that the user is the owner of the appropriate ID; therefore it issues an authentication permit under the license given to it by the CA, to authenticate that ID as the name stated on the credit card.

[0254] As described, the process could be done off-line.

[0255] The process comprises the following stages:

[0256] 1. user purchases smart-card.

[0257] 2. user connects smart-card and credit card.

[0258] 3. (after installing software) user connects smart-card and PC.

[0259] 4. user punches PIN on the PC.

[0260] This is only an example. Another possible example is that the user would like to transfer a permit from one ID to another, or a permit from one format to another.

[0261] If this is the case, and the issuer of the permits allowed it (this can be stated on the permit, or otherwise known to the CA on the card), the binding and activation are done in a similar way, but the old permit can be transferred through the computer connection, and the activation is done through a challenge instead of a PIN number.

[0262] Since the general CA is trusted, its subordinate on the card is also trusted, and since the card is self-contained, both CAs are trusted to the same degree. This holds only as far as the permit authorizes the subordinate and the card's protection against tampering (see [0272] and [0276]) holds; a relying party should check the permit, and the authority should trust only cards whose tamper protection it vouches for.

[0263] If the system requires, the CA on the card can make inquiries “in the world”, by a connection supplied by the PC, such as an Internet connection. Since the CA on the card holds the general CA public key, the session can be encrypted and authenticated.

[0264] Also, instead of a PC, a special device can be supplied.
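The binding and activation stages of Method 1 ([0239]-[0253]) as an added example of the on-card state such a card would need: write-once binding of the credit card details, a PIN retry counter with a permanent lock, and a permit that stays on the card. This is illustrative code written for this page, not code from the patent or from any product it describes. The PIN verifier (a SHA-256 hash of the PIN salted with the card number), the limit of three attempts, the names BoundCard, Bind and Activate, and the sample card data are all the example's own assumptions; a real credit card PIN is checked against issuer-provided verification data that the patent does not specify.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// MaxPINTries: wrong PINs tolerated before the card locks itself forever ([0252]); an assumption of this example.
const MaxPINTries = 3

// CardRecord: the details copied from the credit card at the binding stage ([0239]).
type CardRecord struct {
	Name string
	PAN  string // card number; only its last four digits are ever written into a permit
}

// AuthPermit: the authentication permit the card CA issues under its license ([0253]).
type AuthPermit struct {
	UserID, Name, CardLast4 string
}

// BoundCard models the on-card state of Method 1: write-once binding, a PIN verifier,
// a retry counter and a permanent lock. Nothing here is readable from outside the card.
type BoundCard struct {
	bound       bool
	record      CardRecord
	pinVerifier []byte // SHA-256 of PAN:PIN (assumption; a real card checks issuer PIN verification data)
	tries       int
	locked      bool
	permits     []AuthPermit // issued permits stay on the card ([0222])
}

func pinVerifier(pin, pan string) []byte {
	h := sha256.Sum256([]byte(pan + ":" + pin))
	return h[:]
}

// Bind copies the credit-card details exactly once; a second insertion is refused, so the
// apparatus cannot be turned into a tool for rewriting or enumerating cards ([0239]-[0240]).
func (c *BoundCard) Bind(r CardRecord, pin string) error {
	if c.bound {
		return errors.New("card already bound: details are write-once")
	}
	if len(r.PAN) < 4 {
		return errors.New("invalid card number")
	}
	c.record, c.pinVerifier, c.bound = r, pinVerifier(pin, r.PAN), true
	return nil
}

// Activate is the PIN check of [0251]-[0253]. The attempt is counted before the comparison, so
// that interrupting the card mid-check cannot give unlimited guesses; MaxPINTries wrong PINs
// lock the card forever, and only a correct PIN resets the counter.
func (c *BoundCard) Activate(pin, userID string) (AuthPermit, error) {
	if c.locked {
		return AuthPermit{}, errors.New("card is permanently locked")
	}
	if !c.bound {
		return AuthPermit{}, errors.New("no credit card bound yet")
	}
	c.tries++
	if subtle.ConstantTimeCompare(pinVerifier(pin, c.record.PAN), c.pinVerifier) != 1 {
		if c.tries >= MaxPINTries {
			c.locked = true
			return AuthPermit{}, errors.New("too many wrong PINs: card locked forever")
		}
		return AuthPermit{}, fmt.Errorf("wrong PIN, %d attempt(s) left", MaxPINTries-c.tries)
	}
	c.tries = 0
	p := AuthPermit{UserID: userID, Name: c.record.Name, CardLast4: c.record.PAN[len(c.record.PAN)-4:]}
	c.permits = append(c.permits, p)
	return p, nil
}

func (c *BoundCard) Locked() bool          { return c.locked }
func (c *BoundCard) Permits() []AuthPermit { return c.permits }

func main() {
	card := &BoundCard{}
	fmt.Println("bind:", card.Bind(CardRecord{Name: "John Doe", PAN: "4000000000000002"}, "1234")) // constructed sample data
	fmt.Println("rebind:", card.Bind(CardRecord{Name: "Mallory", PAN: "4000000000000010"}, "0000"))
	for _, guess := range []string{"0000", "1111", "2222", "1234"} {
		_, err := card.Activate(guess, "31415")
		fmt.Println(guess, "->", err)
	}
	fmt.Println("locked:", card.Locked(), "permits issued:", len(card.Permits()))
}
```

Two details make the lock meaningful: the attempt counter is incremented before the PIN is compared, so that interrupting the card between the comparison and the update cannot buy unlimited guesses, and the comparison is constant-time so the verifier cannot be recovered byte by byte from timing. The counter is reset only by a correct PIN; three wrong guesses in a row lock the card even if the correct PIN is entered afterwards.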

[0265] Method 2: Partial Authentication

[0266] It can be that a full authentication is not required. This might be the case if the credentials are given in a form that depends on another form of authentication, such as a fingerprint or a photo.

[0267] In this case the smart card can verify the correctness of the information and create a permit stating that a certain ID or entity is given credentials, including for example its photograph or fingerprints. The credentials are given only after authentication by the required parameter.

[0268] FIG. 3 details a smart card structure. The CA in a card 3 is preferably implemented as a smart card device. It includes hardware means 31 to store the information and perform computations and input/output control, and I/O channel means 32 to connect to a card reader, the PC and/or the user of the device. It may include several channels for that purpose.

[0269] The software 33 includes the various programs that govern the operation of the device and the various parameters/data as required.

[0270] The Structure of CA in a Card

[0271] Certifying authority CA 3 may be implemented with electronic means; preferably in a smart card.

[0272] The CA electronic means include means for protection against tampering. This is a prerequisite for reliable CA operation.

[0273] Implementation examples: in a smart card shaped like a plastic card, or a smart card in a wristwatch, for example. It includes interface means with a computer (PC).

[0274] This allows new smart cards, in a watch for example, to be generated with certificates therein. It is also possible to update the information in the smart card.

[0275] One physical device may contain many smart cards, of various types, to replace the many plastic cards/smart cards now in use that the user has to hold separately.

[0276] The device includes means for protecting the programmed method from tampering. This ensures that the device will operate as a certifying authority according to the program or document issuing method that originates with the known authority. This is the fixed program that is built into the smart card at an early stage, to govern its operation.

[0277] Method for Issuing a Certificate or Permit (see FIG. 4)

[0278] One embodiment of the method comprises the following stages:

[0279] performing a physical identification of the user 711, to ensure that the person asking for the certificate is the one to whom the prior document refers, that is, the person identified earlier as recorded in a prior issued digital document

[0280] stopping if the identification failed 712

[0281] receiving user's request 713

[0282] stopping if the request is illegitimate 714

[0283] creating digital document 715 using a protected procedure, set up by a known authority, to issue certificates based on A, B.

[0284] adding a permit, ID or certificate held by that person, which certificate is already signed by a known authority

[0285] performing encryption or signature 716: to be recognized by others, the document has to include an encryption or signature made with the private key of a known authority.

[0286] That key is contained in the CA device in a secure memory, that is a memory that cannot be read nor altered by anyone from outside. Only the device itself can update data therein, or may destroy it if necessary.

[0287] issuing digital certificate or permit 717

[0288] A distributed system can thus be implemented, wherein each user can create certificates for himself/herself, certificates that are authorized by a known authority.

[0289] Method for Implementing a Certifying Authority (CA) in a Card

[0290] One embodiment of the method comprises the following stages, see FIG. 5:

[0291] Forming a CA backed by a known authority 721

[0292] implementing a smart card containing a CA on a card 722, that is a capability to perform the functions of CA as defined by the original CA.

[0293] issuing a smart card to a customer 723.

[0294] The new smart card that is sold to a customer contains:

[0295] a pair of encryption keys, comprising a private and a public key

[0296] an identification number (ID) that is unique to that smart card

[0297] a digital certificate that links the above two values, that is the ID and the encryption key, issued by the known manufacturer of smart cards

[0298] Initially, the smart card may contain only the ID, without the encryption keys. The encryption keys may be added later.

[0299] A permit or authorization from a known authority, that the smart card is authorized to issue permits in the name of that authority.

[0300] For example, Visa may issue a permit to the card that the card is authorized to issue permits/certificates in its name.

[0301] storing the customer initial identification 724, to create a digital document

[0302] storing customer ID in card 725

[0303] Thus, the smart card now can issue permits/certificates in the name of the original CA authority (Visa for example), to people desiring these documents from that known authority.

[0304] The unique ID in the smart card allows the permit to be traced to its source.

[0305] CA in Card Activation Method

[0306] One embodiment of the method comprises the following stages, see FIG. 6:

[0307] customer buying a smart card 731

[0308] a. A user having some type of a digital permit buys a smart card in a store. The smart card is a platform for CA use, however it is not yet personalized for that user.

[0309] activating the smart card using SCAD 732

[0310] b. To activate/personalize the smart card, it is connected to a Smart Card Activation Device (SCAD). The SCAD may comprise for example a personal computer with means for connecting to smart cards and to other devices as required.

[0311] adding a user's personal digital document 733

[0312] c. A digital document pertaining to that user is also entered into the SCAD. For example, the user may present a plastic credit card, wherein personal information for that user is recorded on a magnetic stripe in the card.

[0313] generating a document 734 from the information in the smart card and the user's personal document, for the user named in the plastic card document

[0314] transferring the document to the smart card 735

[0315] This process “engraves” the personal information for that user into the smart card. Now the smart card is personalized to that user.

[0316] Method of Use of CA in Commerce

[0317] One embodiment of the method comprises the following stages, see FIG. 7:

[0318] holding a unique ID in the smart card 741

[0319] The smart card holds a unique ID of the CA and the user's password. The smart card operates according to a fixed program that was set according to the rules governing the CA, a program that is fixed and cannot be changed by the user.

[0320] receiving user's demand for a certificate 742: the user asks that the CA give him/her a certificate to attest to the user's ID. For example, that the user whose name is John Doe has the ID of 31415.

[0321] performing user's personal identification 743: the user enters a PIN or uses another method of personal identification

[0322] The user identifies himself with the PIN, to prove that he is the legitimate owner of the smart card.

[0323] The user presents the ID and a public key, and a challenge is performed. The smart card checks that the user holds the private key corresponding to that public key. This may be performed with the user performing an encryption with the private (secret) key; in practice this is a digital signature over a fresh random challenge sent by the card, verified by the card with the presented public key.

[0324] Now the CA in the smart card knows that the user is indeed the person he claims to be, and that he possesses the encryption key pair as claimed. Of this key pair, only the public key was presented to the CA.

[0325] creating a certificate by CA 744

[0326] Based on the above, the CA in the smart card creates a certificate attesting to the above information. The preparation of the certificate is performed according to rules fixedly programmed into the CA in the smart card.

[0327] That is, a certificate is only issued if the information given by the user and the details of the certificate comply with the rules for issuing certificates that are written in the CA and that govern its operation.

[0328] attaching a CA's permit to the certificate 745

[0329] The CA attaches to the above certificate a permit issued to the CA, to the effect that the CA in this smart card is authorized to issue certificates of the type just issued. The permit, issued by the known and publicly recognized authority that prepared the CA in the smart card, indicates that the CA is authorized to issue certificates.

[0330] issuing the certificate to user 746

[0331] reading existing credit card 741

[0332] The system reads the credit card: for example a magnetic card reader connected to a personal computer reads the information recorded on the magnetic stripe of the plastic card

[0333] reading information and issuing a certificate 743

[0334] The smart card reads all the information and issues a certificate. The credit card details may be encrypted with the public key of the recipient, that is the other side, or the service supplier who is the other party to the transaction.

[0335] Various means may be used to protect the program in the device. For example, the program may be written in Read Only Memory (ROM) means that are physically difficult to change; otherwise, the device is built with no access from the outside to the program memory: the memory can only be read by the internal processor in the smart card.

[0336] It will be recognized that the foregoing is but one example of an apparatus and method within the scope of the present invention and that various modifications will occur to those skilled in the art upon reading the disclosure set forth hereinbefore.

What is claimed is:
1. A secure method for generating digital documents that are certified by a known authority, comprising the steps of: A. Programming an electronic device with a document issuing method that originates with the known authority, wherein the device further includes means for protecting the programmed method from tampering with; B. programming the electronic device with data identifying the owner of the device, and wherein the device includes means to prevent subsequent alterations of the owner identification data; C. reading a digital document into the device; D. physical identification of the owner of the device, based on the identifying data as programmed in step (B); E. if the result of the identification process in step (D) is positive, this indicating that the true owner requested the document, then issuing of a digital document signed by the known authority, wherein the document is prepared according to the document issuing method that was programmed into the device in step A.
2. The secure method of claim 1, wherein in step A the programming further includes information that is unique to each device.
3. The secure method of claim 1, wherein in step B the device reads a prior issued digital document that attests to a prior identification of the user, and wherein the information in that document is used for programming the electronic device with data identifying the owner of the device.
4. The secure method of claim 1, wherein in step C the device reads a digital document relating to the owner of the device, and further including the step of verifying whether the identifying information in the document corresponds to the owner identification data entered in step B; proceeding to step D only if the identification result is positive, otherwise End procedure.
5. The secure method of claim 1, wherein in step C the device reads a digital document sent to the owner of the device, and further including the step of verifying whether the addressee identity information in the document corresponds to the owner identification data entered in step B; proceeding to step D only if the identification result is positive, otherwise End procedure.
6. The secure method of claim 1, wherein in step E the issued digital document is output through a communication channel in the device.
7. The secure method of claim 1, wherein in step E the issued digital document is stored in digital storage means in the device.
8. The secure method of claim 1, wherein in step E the issued digital document is a permit or a certificate.
9. A device for generating digital documents that are certified by a known authority, comprising: A. computer means with processing means and memory means for implementing a program written in the memory, and wherein the memory includes a document issuing method that originates with the known authority and data identifying the owner of the device; B. means for protecting the document issuing method from tampering with; C. means for preventing subsequent alteration of the owner identifying data; D. input means for reading information related to physical user identification; and E. output means for transmitting digital documents generated in the computer means.
10. The device of claim 9, further including means for storing a plurality of digital documents and for retrieving any document as desired.
11. The device of claim 9, further including an input/output channel for receiving documents or user's commands and for outputting digital documents as desired.
12. The device of claim 9, wherein the device is stored in a wristwatch.
13. The device of claim 9, wherein the device is stored in a smart device.